package com.unitd.comm.shiro;

import com.unitd.frame.comm.utils.http.HttpUtils;
import com.unitd.frame.spring.SpringInstanceFactory;
import com.unitd.frame.sso.common.helper.SSOHelper;
import com.unitd.frame.sso.common.token.Token;
import com.unitd.frame.sso.service.auth.ISSOAuthorization;
import org.apache.velocity.tools.config.DefaultKey;

import javax.servlet.http.HttpServletRequest;

/**
 * @desc 获取用户授权信息工具类,用于定义到velocity的toolbox.xml文件中作为常量
 * @filename SSOPermissionTool.java
 * @copyright www.unitd.com
 * @author Hudan
 * @version 1.0
 * @date 2017/4/1
 */
@DefaultKey("SSOPermission")
public class SSOPermissionTool {

	/**
	 * @desc 按钮级别权限判断
	 * @param permission 权限位
	 * @return true/false
	 */
	public boolean isActionable(String permission) {
		HttpServletRequest request = HttpUtils.getHttpServletRequest();
		Token token = SSOHelper.attrToken(request);
		if (token == null) {
			return false;
		}

		//数据库判断按钮权限是否合法，生产环境此处建议加缓存判断逻辑。
		ISSOAuthorization psi = SpringInstanceFactory.getInstance("permissionService");
		return psi.isActionable(token, permission);
	}
}